Information processing system, information processing apparatus, and recording medium

ABSTRACT

One information processing apparatus among a plurality of information processing apparatuses performs virus detection processing for detecting a computer virus. When a computer virus has been detected from the one information processing apparatus by the virus detection processing, the one information processing apparatus transmits an execution request to perform the virus detection processing to another information processing apparatus different from the one information processing apparatus among the plurality of information processing apparatuses.

Japanese Patent Application No. 2016-210432 filed on Oct. 27, 2016,including description, claims, drawings, and abstract the entiredisclosure is incorporated herein by reference in its entirety.

BACKGROUND Technological Field

The present invention relates to an information processing apparatus andtechniques related thereto.

Description of the Related Art

There are techniques for combating computer viruses in an informationprocessing apparatus when any computer virus has been detected in theinformation processing apparatus (see Japanese Patent ApplicationLaid-Open No. 2005-229611; hereinafter, referred to as “Patent Document1”).

In an information processing system configured by a plurality ofinformation processing apparatuses, frequent data exchange may occuramong information processing apparatuses. Thus, if one informationprocessing apparatus is infected with a computer virus in theinformation processing system, it is possible for other informationprocessing apparatuses to also become infected with the computer virusdue to, for example, communication with the infected informationprocessing apparatus.

When a computer virus has been detected from an information processingapparatus in the information processing system, the technique describedabove in Patent Document 1 merely combats the computer virus in that oneinformation processing apparatus. In other words, even if a computervirus has been detected from one information processing apparatus, thetechnique described above in Patent Document 1 does nothing with theother information processing apparatuses in the information processingsystem as a result of the detection of the computer virus.

Thus, if another information processing apparatus is also infected withthe computer virus, that information processing apparatus may be damagedby the computer virus. Also, if another information processing apparatusis also infected with the computer virus, yet other informationprocessing apparatuses may also become infected with the computer virusdue to, for example, communication with the other infected informationprocessing apparatuses.

Thus, simply combating the computer virus in only the informationprocessing apparatus from which the computer virus has been detected isnot enough to properly protect the information processing systemconfigured by a plurality of information processing apparatuses fromcomputer viruses.

SUMMARY

It is an object of the present invention to provide a technique thatenables an information processing system configured by a plurality ofinformation processing apparatuses to be protected properly fromcomputer viruses.

According to a first aspect of the present invention, an informationprocessing system includes a plurality of information processingapparatuses. One information processing apparatus among the plurality ofinformation processing apparatuses includes a first hardware processor,and a first transmitter. The first hardware processor causes the oneinformation processing apparatus to perform virus detection processingfor detecting a computer virus, and if a computer virus is detected fromthe one information processing apparatus by the virus detectionprocessing, the first hardware processor causes the first transmitter totransmit an execution request to perform the virus detection processingto another information processing apparatus different from the oneinformation processing apparatus among the plurality of informationprocessing apparatuses.

According to a second aspect of the present invention, an informationprocessing apparatus that is one consistent element of an informationprocessing system configured by a plurality of information processingapparatuses includes a hardware processor and a transmitter. Thehardware processor causes the information processing apparatus toperform virus detection processing for detecting a computer virus, andwhen a computer virus has been detected from the information processingapparatus by the virus detection processing, the hardware processorcauses the transmitter to transmit an execution request to perform thevirus detection processing to another information processing apparatusdifferent from the information processing apparatus among the pluralityof information processing apparatuses.

According to a third aspect of the present invention, a non-transitorycomputer-readable recording medium that records a program for causing acomputer built into an information processing apparatus that is oneconstituent element of an information processing system configured by aplurality of information processing apparatuses to perform a) causingthe information processing apparatus to perform virus detectionprocessing for detecting a computer virus, and b) when a computer virushas been detected from the information processing apparatus by the virusdetection processing, transmitting an execution request to perform thevirus detection processing to another information processing apparatusdifferent from the information processing apparatus among the pluralityof information processing apparatuses.

BRIEF DESCRIPTION OF THE DRAWINGS

The advantages and features provided by one or more embodiments of theinvention will become more fully understood from the detaileddescription given hereinbelow and the appended drawings which are givenby way of illustration only, and thus are not intended as a definitionof the limits of the present invention:

FIG. 1 illustrates an information processing system.

FIG. 2 illustrates functional blocks of an MFP.

FIG. 3 is a conceptual diagram for describing an outline of operationsperformed in the information processing system.

FIG. 4 is a flowchart of operations performed by a request sourceapparatus that issues a request (virus scan request) to perform virusdetection processing.

FIG. 5 is a flowchart of operations performed by a request destinationapparatus that receives the virus scan request.

FIG. 6 illustrates a virus management table.

FIG. 7 illustrates an apparatus management table.

FIG. 8 is a flowchart of operations performed by the request destinationapparatus according to a second embodiment.

FIG. 9 illustrates execution history information regarding antivirusprocessing performed by the request source apparatus (MFP 10 a).

FIG. 10 illustrates communication history information regarding therequest source apparatus (MFP 10 a).

FIG. 11 is a flowchart of operations performed by the requestdestination apparatus when an access request is received from anotherMFP 10 during execution of a virus scan.

FIG. 12 is a flowchart of operations performed by the requestdestination apparatus when an access request is received from anotherMFP 10 during execution of a virus scan.

FIG. 13 illustrates used function information regarding the requestsource apparatus (MFP 10 a).

FIG. 14 illustrates the priority of each MFP 10.

FIG. 15 illustrates the start time of a virus scan performed by each MFP10.

FIG. 16 illustrates an antivirus processing status screen.

FIG. 17 illustrates another antivirus processing status screen.

FIG. 18 illustrates a scan execution request screen.

FIG. 19 is a conceptual diagram for describing an outline of operationsperformed in the information processing system according to a variation.

FIG. 20 is a conceptual diagram for describing an outline of operationsperformed in the information processing system according to anothervariation.

FIG. 21 illustrates a screen for introducing an alternate apparatus.

DETAILED DESCRIPTION OF EMBODIMENTS

Hereinafter, one or more embodiments of the present invention will bedescribed with reference to the drawings. However, the scope of theinvention is not limited to the disclosed embodiments.

1. First Embodiment

1-1. Overview of Configuration

FIG. 1 illustrates an information processing system 1 according to thepresent invention. The information processing system 1 includes aplurality of information processing apparatuses. In the present example,the information processing system 1 is configured by a plurality ofimage processing apparatuses 10 (10 a, 10 b, 10 c, and so on) asillustrated in FIG. 1.

Each image processing apparatus 10 has installed software (also referredto as “antivirus software”) that enables the image processing apparatusto perform antivirus processing that includes processing for detectingcomputer viruses (virus detection processing; also referred to as a“virus scan” or “virus check”).

More specifically, the antivirus software executes a virus scan in theantivirus processing on the basis of, for example, a virus definitionfile (file that records, for example, the actions (patterns) of variouscomputer viruses).

If any computer virus has been detected by the virus scan, the antivirussoftware also executes processing for rendering the detected computervirus harmless (hereinafter, referred to as “rendering harmlessprocessing”) in the antivirus processing. The rendering harmlessprocessing includes processing such as processing for combating(removing) computer viruses from files (infected files) that areinfected with computer viruses, deletion processing for deleting theinfected files, and/or isolation processing for isolating the infectedfiles within a specific area.

When the antivirus processing is started, the antivirus software startsa virus scan of data to be processed (scanned) in the antivirusprocessing. The virus scan is performed on all data to be processed, andif any computer virus has been detected by the virus scan, the renderingharmless processing is performed on the detected computer virus, and theantivirus processing ends. On the other hand, if no computer viruseshave been detected by the virus scan performed on all data to beprocessed, the antivirus processing is completed along with thecompletion of the virus scan.

Each image processing apparatus 10 performs a virus scan on a regularbasis (so-called regular scan). In the present example, the imageprocessing apparatuses 10 are assumed to perform a regular scan atdifferent times, instead of performing a regular scan in unison at thesame time.

According to the present invention, the “infection” with computerviruses includes a latent period from when the computer viruses invadeapparatuses until the computer viruses “activate” (e.g., computerviruses destroy data in the apparatuses).

1-2. Configuration of Image Processing Apparatus

FIG. 2 illustrates functional blocks of one of the image processingapparatuses 10 (10 a, 10 b, 10 c, and so on). A Multi-FunctionalPeripheral (MFP) is illustrated as an example of the image formingapparatuses 10. FIG. 2 illustrates functional blocks of the MFP 10. TheMFP 10 is also referred to as an “image forming apparatus.”

The MFP 10 is an apparatus (also referred to as a “Multi-FunctionalPeripheral”) having functions such as a scan function, a copy function,a facsimile function, and a box storage function. More specifically, theMFP 10 includes, for example, an image reading unit 2, a print outputunit 3, a communication unit 4, a storage 5, an operation unit 6, and acontroller 9 as illustrated in the functional block diagram in FIG. 2,and implements various types of functions by operating these units incombination.

The image reading unit 2 is a processing unit that optically reads anoriginal document placed at a predetermined position on the MFP 10 andgenerates image data (also referred to as a document image) of theoriginal document.

The print output unit 3 is an output unit that prints out an image onvarious types of media such as paper on the basis of data regarding anobject to be printed.

The communication unit 4 is a processing unit that is capable offacsimile communication via a public network or other networks. Thecommunication unit 4 is also capable of network communication via anetwork. The network communication uses various types of protocols suchas Transmission Control Protocol/Internet Protocol (TCP/IP). Using thenetwork communication allows the MFP 10 to exchange various types ofinformation with desired parties (e.g., other MFPs 10). Thecommunication unit 4 includes a transmitter 4 a that transmits varioustypes of data, and a receiver 4 b that receives various types of data.

The storage 5 is configured by a storage device such as a hard diskdrive (HDD).

The operation unit 6 includes an operation input unit 6 a that acceptsoperation input to the MFP 10, and a display unit 6 b that displays andoutputs various types of information.

The MFP 10 is provided with an operation panel unit 6 c of a generallyplate-like shape (see FIG. 1). The operation panel unit 6 c includes atouch panel 25 (see FIG. 1) on the front side. The touch panel 25functions not only as part of the operation input unit 6 a but also aspart of the display unit 6 b. The touch panel 25 is configured byembedding various types of sensors or other constituent elements in aliquid crystal display panel and is capable of accepting various typesof operation input from an operator while displaying various types ofinformation.

The controller 9 is a control device that is built into the MFP 10 andperforms overall control of the MFP 10. The controller 9 is configuredas a computer system that includes, for example, a CPU and various typesof semiconductor memories such as a RAM and a ROMs. The controller 9implements various types of processing units by causing the CPU toexecute predetermined software programs (hereinafter, also simplyreferred to as “programs”) stored in the ROM (e.g., EEPROM; registeredtrademark). The programs (to be more specific, a group of programmodules) may be recorded in a portable recording medium (or in otherwords, any of various types of non-transitory computer-readablerecording media) such as a USB memory and installed into the MFP 10 viathe recording medium. Alternatively, the programs may be downloaded via,for example, a network and installed into the MFP 10.

More specifically, by executing the programs, the controller 9implements various types of processing units that include acommunication control unit 11, an input control unit 12, a displaycontrol unit 13, and an antivirus execution control unit 14 asillustrated in FIG. 2.

The communication control unit 11 is a processing unit that controlscommunication operations with other apparatuses (e.g., other MFPs 10) incooperation with the communication unit 4 or other constituent elements.The communication control unit 11 includes a transmission control unitthat controls operations of transmitting various types of data, and areception control unit that controls operations of receiving varioustypes of data. For example, when any computer virus has been detectedfrom its own MFP 10, the communication control unit 11 transmits arequest (also referred to as a “virus scan request”) to perform virusdetection processing (virus scan) to other MFPs 10 different from itsown MFP 10 among the plurality of MFPs 10. To be more specific, thecommunication control unit 11 transmits the virus scan request to therequest destination apparatuses that receive a virus scan request (inthe present example, the remaining MFPs 10 other than its own MFP 10among the plurality of MFPs 10).

The input control unit 12 is a control unit that controls operations ofreceiving operation input to the operation input unit 6 a (e.g., touchpanel 25). For example, the input control unit 12 controls operations ofaccepting operation input to an operation screen displayed on the touchpanel 25.

The display control unit 13 is a processing unit that controls displayoperations of the display unit 6 b (e.g., touch panel 25). The displaycontrol unit 13 causes the touch panel 25 to display screens such as anoperation screen for operating the MFP 10.

The antivirus execution control unit 14 is a processing unit thatcontrols operations such as performing antivirus processing (a virusscan and rendering harmless processing) on its own MFP 10 in cooperationwith the antivirus software. For example, the antivirus executioncontrol unit 14 performs a virus scan of its own MFP 10 on the basis ofa virus scan request received from another MFP 10 (MFP 10 from which acomputer virus is detected). More specifically, the antivirus executioncontrol unit 14 provides notification of a command to perform a virusscan to the antivirus software in its own MFP 10 upon receiving thevirus scan request. Then, the antivirus software performs a virus scanin response to this execution command.

1-3. Operations

According to the present embodiment, when any computer virus has beendetected from an MFP 10 (e.g., MFP 10 a) among the plurality of MFPs 10,the MFP 10 a transmits a virus scan request to the request destinationapparatuses (in the present example, MFPs 10 other than the MFP 10 a,i.e., MFPs 10 b, 10 c, 10 d, and so on; see FIG. 3). Each requestdestination apparatus that has received the virus scan requestautomatically performs a virus scan of its own apparatus on the basis ofthe virus scan request from the MFP 10 a, which is a request sourceapparatus issuing a virus scan request.

FIG. 4 is a flowchart of operations performed by the request sourceapparatus issuing a virus scan request (in the present example, MFP 10a). FIG. 5 is a flowchart of operations performed by the requestdestination apparatuses (in the present example, MFPs 10 b, 10 c, and soon) receiving a virus scan request.

Operations of Request Source Apparatus Issuing Virus Scan Request

First, the operations performed by the request source apparatus issuinga virus scan request (in the present example, MFP 10 a) will bedescribed with reference to FIG. 4.

In step S11, the MFP 10 a starts antivirus processing and also starts aregular scan (virus scan performed on a regular basis) of data in apredetermined directory (in the present example, all data in the MFP 10a; hereinafter, referred to as “to-be-scanned data”). This virus scan isperformed by the antivirus software installed in the MFP 10 a.

In step S12, the MFP 10 a determines whether any computer virus has beendetected by the virus scan of itself. More specifically, it isdetermined whether a detection result indicating that a computer virushas been detected is acquired from the antivirus software in the MFP 10a.

For example, if the MFP 10 a is infected with a computer virus (i.e., acomputer virus exists in the MFP 10 a), the computer virus is detectedby the virus scan of the MFP 10 a. Then, it is determined in step S12that a computer virus has been detected by the virus scan, and theprocedure proceeds to step S13. If the MFP 10 a is not infected with anycomputer virus (i.e., no computer viruses exist in the MFP 10 a), nocomputer viruses are detected by the virus scan of the MFP 10 a, and theprocedure proceeds to step S16, which will be described later.

In step S13, the MFP 10 a registers information (virus information)regarding the computer virus detected from itself in a virus managementtable 300 (see FIG. 6). In the present example, the type (type A) of thedetected computer virus, the apparatus (MFP 10 a) from which thecomputer virus is detected, and the directory (“/user/local” in the MFP10 a) from which the computer virus is detected are associated with oneanother and registered in the virus management table 300.

Then, in step S14, the MFP 10 a performs rendering harmless processingon the computer virus detected from itself. For example, the antivirussoftware in the MFP 10 a performs processing for combating the detectedcomputer virus as the rendering harmless processing.

After having performed the rendering harmless processing on the detectedcomputer virus (step S14), the MFP 10 a transmits a virus scan request(request to perform virus detection processing) to the requestdestination apparatuses receiving a virus scan request (step S15).

More specifically, the MFP 10 a designates MFPs 10 (in the presentexample, the remaining MFPs 10 such as MFPs 10 b, and 10 c other thanthe MFP 10 a among the plurality of MFPs 10) that are pre-registered inan apparatus management table 400 (see FIG. 7) as the requestdestination apparatuses receiving a virus scan request. Then, the MFP 10a transmits the virus scan request in unison to the MFPs 10 (MFPs 10 b,10 c, and so on) designated as the request destination apparatusesreceiving a virus scan request (to be more specific, the IP addresses ofthese MFPs 10). The present invention is, however, not limited to thisexample, and the virus scan request may be sequentially transmitted toeach request destination apparatus.

The virus scan request includes scan-data designation information thatdesignates data to be scanned by the virus scan performed by the requestdestination apparatuses. In the present example, data stored in the samedirectory as the directory (“/user/local”; see FIG. 6) of the MFP 10 afrom which the computer virus is detected is designated as theto-be-scanned data. In the information processing system 1, each MFP 10is assumed to have the same directory structure.

In step S16, the MFP 10 a determines whether the virus scan of itself iscompleted.

For example, if the virus scan has not yet been completed for allto-be-scanned data in the MFP 10 a, the procedure returns to step S12,and the processing from steps S12 to S15 is performed again.

On the other hand, if the virus scan has been completed for allto-be-scanned data in the MFP 10 a, the antivirus processing of the MFP10 a is completed, and the processing of the MFP 10 a (i.e., flowchartin FIG. 4) ends. When the antivirus processing of the MFP 10 a has beencompleted, it is confirmed that the MFP 10 a is capable of safecommunication connection. To be more specific, it is confirmed that therendering harmless processing has been performed on the computer virusdetected from the MFP 10 a (step S14), and accordingly the MFP 10 abecomes capable of safe communication connection.

In this way, if any computer virus has been detected from the MFP 10 a,the MFP 10 a performs the rendering harmless processing on the detectedcomputer virus and also transmits the virus scan request to the otherMFPs 10.

Operations of Request Destination Apparatuses Receiving Virus ScanRequest

Next, the operations performed by a plurality of request destinationapparatuses receiving a virus scan request (in the present example, MFPs10 b, 10 c, and so on) will be described with reference to FIG. 5. Here,the operations performed by one (e.g., MFP 10 c) of the requestdestination apparatuses (MFPs 10 b,10 c, and so on) are illustrated byway of example. The other request destination apparatuses (requestdestination apparatuses other than the MFP 10 c) also perform operationsin the same manner as the MFP 10 c.

First, in step S21, the one request destination apparatus (in thepresent example, MFP 10 c) determines whether a virus scan request hasbeen received. If the MFP 10 c has received a virus scan request, theprocedure proceeds from step S21 to step S22.

In step S22, the request destination apparatus (MFP 10 c) automaticallystarts antivirus processing on the basis of the virus scan requestreceived from the request source apparatus issuing a virus scan request(in the present example, MFP 10 a), and also automatically performs avirus scan of itself (MFP 10 c).

More specifically, in response to the receipt of the virus scan request,the request destination apparatus (MFP 10 c) automatically starts avirus scan of the to-be-scanned data (in the present example, data inthe directory “/user/local” of the MFP 10 c) that is designated by thescan-data designation information included in the virus scan request. Tobe more specific, the antivirus execution control unit 14 of the MFP 10c provides notification of a command to perform a virus scan of theto-be-scanned data, to the antivirus software in the MFP 10 c. Inresponse to this execution command, the antivirus software in the MFP 10c starts the virus scan.

In step S23, the request destination apparatus (MFP 10 c) determineswhether any computer virus has been detected by the virus scan (virusscan based on the virus scan request) started by itself (MFP 10 c). Morespecifically, it is determined whether a detection result indicatingthat a computer virus has been detected from the to-be-scanned datadesignated by the virus scan request has been acquired from theantivirus software in the MFP 10 c.

For example, if a computer virus has been detected by the virus scanstarted by the request destination apparatus (MFP 10 c), the procedureproceeds from step S23 to step S24. If no computer viruses have beendetected by the virus scan started by the MFP 10 c, the procedureproceeds from step S23 to step S25, which will be described later.

In step S24, the request destination apparatus (MFP 10 c) performsrendering harmless processing on the computer virus detected by thevirus scan of itself (MFP 10 c). More specifically, the antivirussoftware in the MFP 10 c performs the rendering harmless processing(e.g., processing for combating the computer virus) on the detectedcomputer virus. Then, the procedure proceeds to step S25.

In step S25, the request destination apparatus (MFP 10 c) determineswhether the virus scan (virus scan of the to-be-scanned data) has beencompleted.

For example, if the virus scan has not yet been completed for allto-be-scanned data in the MFP 10 c, the procedure returns to step S23,and the processing in steps S23 and S24 is performed again.

On the other hand, if the virus scan has been completed for allto-be-scanned data in the MFP 10 c, the antivirus processing of the MFP10 c is completed, and the processing of the MFP 10 c (i.e., flowchartin FIG. 5) ends.

When the antivirus processing of the MFP 10 c has been completed, it isconfirmed that the MFP 10 c is capable of safe communication connection.More specifically, for example if no computer viruses have been detectedfrom the MFP 10 c, it is confirmed, from the detection result indicatingthat no computer viruses exist in the MFP 10 c, that the MFP 10 c iscapable of safe communication connection. On the other hand, if acomputer virus has been detected from the MFP 10 c, it is confirmed thatthe rendering harmless processing has been performed on the detectedcomputer virus, and accordingly the MFP 10 c becomes capable of safecommunication connection.

As described above, according to the first embodiment, if any computervirus has been detected from an MFP 10 (in the present example, MFP 10a) in the information processing system 1, a virus scan request istransmitted to the other apparatuses (request destination apparatusesreceiving a virus scan request) different from the MFP 10 a. Thisconfiguration allows the information processing system 1 configured by aplurality of MFPs 10 to be properly protected from computer viruses.

In particular, according to the first embodiment, the requestdestination apparatuses receiving a virus scan request (in the presentexample, MFPs 10 b, 10 c, and so on) automatically perform a virus scanin response to receipt of the virus scan request. In other words, aftera computer virus has been detected from an MFP 10 (in the presentexample, MFP 10 a), the request destination apparatuses (MFPs 10 b, 10c, and so on other than the MFP 10 a) relatively early perform a virusscan (without waiting for execution of a regular scan to be performed bythe request destination apparatuses). Thus, even if another MFP 10(e.g., MFP 10 c) is also infected with the computer virus (i.e., thecomputer virus also exists in the MFP 10 c), the MFP 10 c will earlyperform the rendering harmless processing on the computer virus. Thisconfiguration reduces a situation where yet other MFPs 10 becomeinfected with the computer virus (i.e., computer virus infectionexpands) due to, for example, communication with the MFP 10 c. Thus, itis possible to more properly protect the information processing system 1configured by a plurality of MFPs 10 from computer viruses.

While the first embodiment describes an example in which the MFP 10(here, MFP 10 a) from which the computer virus is detected transmits avirus scan request to the MFPs 10 pre-registered in the apparatusmanagement table 400 (FIG. 7), the present invention is not limited tothis example. For example, the MFP 10 a may transmit a request to returnapparatus information (e.g., IP address) in unison to apparatuses in thesame network and then transmit a virus scan request to MFPs 10 that areidentified on the basis of the returned apparatus information.

While the first embodiment describes an example in which data in thesame directory as the directory from which the computer virus isdetected is designated as data to be scanned by the virus scan performedby the request destination apparatuses, the present invention is notlimited to this example. For example, all data in the requestdestination apparatuses may be designated as data to be scanned by thevirus scan.

2. Second Embodiment

A second embodiment is a variation of the first embodiment. Thefollowing description focuses mainly on differences from the firstembodiment.

According to the second embodiment, the request destination apparatusesreceiving a virus scan request perform, in addition to the operationdescribed above in the first embodiment, a virus scan of the virus scanrequest itself (data constituting the virus scan request).

In the present example, the virus scan request is transmitted from theMFP 10 (e.g., MFP 10 a) from which the computer virus is detected, tothe request destination apparatuses. It is not always safe for therequest destination apparatuses (e.g., MFP 10 c) to read the virus scanrequest from such an MFP 10 a. If a computer virus is incorporated inthe data constituting the virus scan request (internal data of the virusscan request), the request destination apparatuses (MFP 10 c) that haveread the virus scan request may become infected with the computer virus(i.e., the computer virus may invade the request destinationapparatuses).

In consideration of this fact, the request destination apparatusesperform a virus scan of the virus scan request itself (data constitutingthe virus scan request) according to the second embodiment.

More specifically, the MFP 10 a (MFP 10 from which the computer virus isdetected, i.e., the request source apparatus issuing a virus scanrequest) transmits a virus scan request to specific communication ports(software ports) of the request destination apparatuses (in the presentexample, MFPs 10 b, 10 c, and so on) (see step S15 in FIG. 4).

To be more specific, each MFP 10 is previously provided with a pluralityof communication ports that includes a dedicated port for receiving avirus scan request. The MFP 10 a (request source apparatus) transmits avirus scan request to this dedicated port previously provided in eachrequest destination apparatus.

Note that processing other than the processing performed in step S15 isperformed in the same manner as in the above-described first embodiment.

The request destination apparatuses perform operations according to theflowchart in FIG. 8. FIG. 8 is a flowchart of operations performed bythe request destination apparatuses receiving a virus scan requestaccording to the second embodiment. The second embodiment illustratesoperations performed by one (e.g., MFP 10 c) of the plurality of requestdestination apparatuses (MFPs 10 b, 10 c, and so on). The other requestdestination apparatuses (request destination apparatuses other than theMFP 10 c) also perform operations in the same manner as the MFP 10 c.

More specifically, the request destination apparatus (MFP 10 c) performsa virus scan of data constituting the virus scan request upon receivingthe virus scan request (steps S31 and S32).

To be more specific, in step S31, the request destination apparatus (MFP10 c) determines whether data has been received at the dedicated portfor receiving a virus scan request.

If data has been received at the dedicated port for receiving a virusscan request, the request destination apparatus (MFP 10 c) determinesthat the virus scan request has been received, and performs a virus scanof the data (i.e., virus scan request) received at the dedicated port(step S32). More specifically, the antivirus execution control unit 14of the MFP 10 c provides notification of a command to perform a virusscan of the data constituting the received virus scan request to theantivirus software, and the antivirus software performs a virus scan ofthe data constituting the virus scan request in response to thisexecution command. Then, the procedure proceeds to step S33.

In step S33, the request destination apparatus (MFP 10 c) determineswhether any computer virus has been detected from the data constitutingthe received virus scan request.

For example, if no computer viruses have been detected from the virusscan request, the procedure proceeds to step S22, and a virus scan basedon the virus scan request is performed in the same manner as in thefirst embodiment. More specifically, the request destination apparatus(MFP 10 c) starts the antivirus processing and performs a virus scan ofto-be-scanned data designated by the scan-data designation informationincluded in the virus scan request. Then, the procedure proceeds to stepS23 and onward. The processing performed in step S23 and onward is thesame as the processing described in the first embodiment.

On the other hand, if a computer virus has been detected from the dataconstituting the virus scan request, the procedure proceeds from stepS33 to step S34.

In step S34, the request destination apparatus (MFP 10 c) performsrendering harmless processing (e.g., processing for combating thecomputer virus) on the computer virus detected from the virus scanrequest. The request destination apparatus (MFP 10 c) then starts theantivirus processing and performs a virus scan of all data in itself(MFP 10 c) (step S35). In other words, if a computer virus has beendetected from the data constituting the virus scan request, the requestdestination apparatus does not read the virus scan request and performsa virus scan of all data in the request destination apparatus. Then, theprocedure proceeds to step S23 and onward. The processing performed instep S23 and onward is the same as the processing described in the firstembodiment.

In this way, according to the second embodiment, a virus scan of thedata constituting the virus scan request is performed upon receipt ofthe virus scan request. This configuration allows the requestdestination apparatuses to first ensure the safety of the data itselfthat constitutes the virus scan request received from the MFP 10 (in thepresent example, MFP 10 a) from which the computer virus is detected andthen perform a virus scan based on the virus scan request.

While the second embodiment describes an example in which a virus scanof the data constituting the virus scan request is performed after (orimmediately after) the receipt of the virus scan request, the presentinvention is not limited to this example. For example, a virus scan ofthe data constituting the virus scan request may be performed duringreceipt of the virus scan request.

3. Third Embodiment

A third embodiment is a variation of the first embodiment. The followingdescription focuses mainly on differences from the first embodiment.

According to the third embodiment, the request destination apparatusesreceiving a virus scan request not only perform the operations accordingto the first embodiment, but also are forbidden to establishcommunication connection with an MFP 10 that is suspected of beinginfected with a computer virus.

In the present example, if the request source apparatus issuing a virusscan request (MFP 10 a) has established communication connection with,for example, the MFP 10 d between the time when the MFP 10 a has beenconfirmed to be capable of safe communication connection by the previousvirus scan and the time when a computer virus has been detected from theMFP 10 a, the MFP 10 d may be infected with the computer virus. To bemore specific, the MFP 10 a may have become infected with the computervirus due to the communication connection with the MFP 10 d. That is,the MFP 10 d may be the cause of infection with the computer virus. Asanother alternative, if the MFP 10 a has already been infected with thecomputer virus before establishing communication connection with the MFP10 d, the MFP 10 d may have become infected with the computer virus dueto the communication connection with the MFP 10 a. If a requestdestination apparatus establishes communication connection with such anMFP 10 (MFP 10 d that has a relatively high possibility of beinginfected with a computer virus), the request destination apparatus mayalso become infected with the computer virus.

In consideration of this fact, according to the third embodiment, therequest destination apparatuses receiving a virus scan request areforbidden to establish communication connection with an MFP 10 that hasa relatively high possibility of being infected with a computer virus(MFP 10 that is suspected of being infected with a computer virus; alsoreferred to as a “suspected infected apparatus”).

In the third embodiment as well, the processing in FIG. 4 and theprocessing in FIG. 5 are performed in the same manner as in the firstembodiment.

However, the virus scan request transmitted from the request sourceapparatus (e.g., MFP 10 a) to the request destination apparatusesincludes virus infection information, which will be described later,according to the third embodiment. The request destination apparatusesreceiving a virus scan request are forbidden to establish communicationconnection with a suspected infected apparatus on the basis of the virusinfection information included in the virus scan request.

More specifically, each MFP 10 has a record of execution historyinformation regarding antivirus processing performed by itself (to bemore specific, antivirus processing performed on all data in the MFP10).

FIG. 9 illustrates execution history information regarding antivirusprocessing performed by the MFP 10 a. In the present example, the MFP 10a has started antivirus processing (regular scan) on Jul. 5, 2016 at19:00 and completed the antivirus processing on Jul. 5, 2016 at 19:10.The MFP 10 a has started antivirus processing (regular scan) again onJul. 6, 2016 at 19:00. Then, a computer virus has been detected from theMFP 10 a on Jul. 6, 2016 at 19:05.

Each MFP 10 also has a record of communication history information inwhich an apparatus (connection destination apparatus) with which the MFP10 has established communication connection is associated with the time(connection time) of the communication connection.

FIG. 10 illustrates communication history information regarding the MFP10 a. In the present example, the communication history informationregarding the MFP 10 a records that the MFP 10 a has establishedcommunication connection with the MFP 10 b on Jul. 5, 2016 at 18:30 andhas established communication connection with the MFP 10 d on Jul. 6,2016 at 17:00.

If a computer virus has been detected from the MFP 10 a (step S12 inFIG. 4), the MFP 10 a transmits a virus scan request including virusinfection information (described later) to the request destinationapparatuses (MFPs 10 other than the MFP 10 a) after steps S13 and S14(step S15).

More specifically, the MFP 10 a determines that the MFPs 10 that haveestablished communication connection with the MFP 10 a (request sourceapparatus issuing a virus scan request) within a presumed infectionperiod (described next) are suspected infected apparatuses (MFPs 10suspected of being infected with the computer virus).

The presumed infection period is a period during which the requestsource apparatus (in the present example, MFP 10 a) is presumed to havebecome infected with the computer virus (period during which thecomputer virus is presumed to have invaded the request source apparatus;also referred to as a “presumed invasion period”). To be more specific,a period from when the MFP 10 a has been confirmed to be capable of safecommunication connection by the previous virus scan performed by therequest source apparatus (MFP 10 a) until a computer virus has beendetected from the request source apparatus (MFP 10 a) is identified asthe presumed infection period. In other words, a period from when theprevious antivirus processing performed by the request source apparatus(MFP 10 a) has been completed until a computer virus has been detectedfrom the MFP 10 a is presumed to be the presumed infection period. Inthe present example, a period from Jul. 5, 2016 at 19:10 (when theprevious antivirus processing has been completed) to Jul. 6, 2016 at19:05 (when a computer virus has been detected) is identified as thepresumed infection period. In short, the MFP 10 a is presumed to havebecome infected with the computer virus during the period from Jul. 5,2016 at 19:10 to Jul. 6, 2016 at 19:05.

Then, the request source apparatus (MFP 10 a) identifies an MFP 10 (inthe present example, MFP 10 d; see also FIG. 10) that has establishedcommunication connection with itself (MFP 10 a) within the presumedinfection period as a suspected infected apparatus. In other words, ifthe MFP 10 d has established communication connection with the MFP 10 abetween the time when the previous antivirus processing has beencompleted and the time when the computer virus has been detected, it isdetermined that the MFP 10 d has a relatively high possibility of beinginfected with the computer virus, and the MFP 10 d is identified as asuspected infected apparatus.

After having identified the suspected infected apparatus, the requestsource apparatus (MFP 10 a) performs control to forbid communicationconnection between the request destination apparatuses (in the presentexample, MFPs 10 other than the MFP 10 a) and the suspected infectedapparatus (in the present example, MFP 10 d). More specifically, therequest source apparatus (MFP 10 a) transmits a virus scan request thatincludes a connection forbidding command to forbid communicationconnection between the request destination apparatuses and the suspectedinfected apparatus (MFP 10 d) to the request destination apparatuses(step S15). In the present example, the virus infection information(described next) is included as the connection forbidding command in thevirus scan request. The virus infection information includes apparatusinformation (e.g., IP address) regarding the MFP 10 (in the presentexample, MFP 10 d) identified as the suspected infected apparatus.

Then, upon receiving the virus scan request (step S21), the requestdestination apparatuses receiving a virus scan request are forbidden toestablish communication connection with the suspected infected apparatuson the basis of the connection forbidding command (virus infectioninformation) included in the virus scan request. More specifically, therequest destination apparatuses (e.g., MFP 10 c) are forbidden toestablish communication connection with the MFP 10 (in the presentexample, MFP 10 d) identified on the basis of the apparatus informationincluded in the virus infection information.

Thereafter, the request destination apparatuses automatically perform avirus scan on the basis of the virus scan request (steps S22 to S25).The content of processing performed in steps S22 to S25 is the same asthe processing performed in the first embodiment.

In this way, according to the third embodiment, the request destinationapparatuses receiving a virus scan request are forbidden to establishcommunication connection with an MFP 10 that has establishedcommunication connection with the request source apparatus within theperiod (presumed infection period) during which the request sourceapparatus issuing a virus scan request is presumed to have becomeinfected with the computer virus (i.e., MFP 10 suspected of beinginfected with the computer virus). This configuration avoids a situationwhere even the request destination apparatuses become infected with thecomputer virus as a result of establishing communication connection withthe MFP 10 (suspected infected apparatus) that has a relatively highpossibility of being infected with the computer virus. Thus, it ispossible to reduce the possibility that computer virus infection willexpand in the information processing system 1.

While the third embodiment is described as a variation of the firstembodiment by way of example, the present invention is not limited tothis example, and the idea of the third embodiment may be applied to thesecond embodiment.

While the third embodiment describes an example in which the connectionforbidding command (virus infection information) is included in thevirus scan request and transmitted to the request destinationapparatuses, the present invention is not limited to this example. Forexample, the connection forbidding command (virus infection information)may be transmitted as data different from the virus scan request to therequest destination apparatuses, instead of being included in the virusscan request. In this case, the virus scan request and the connectionforbidding command (virus infection information) may be transmitted atthe same time to the request destination apparatuses, or may betransmitted at different times to the request destination apparatuses.

While the third embodiment describes an example in which a singleapparatus (e.g., MFP 10 d) is identified as a suspected infectedapparatus and the request destination apparatuses are forbidden toestablish communication connection with this single apparatus identifiedas the suspected infected apparatus, the present invention is notlimited to this example.

For example, a plurality of apparatuses may be identified as suspectedinfected apparatuses, and the request destination apparatuses may beforbidden to establish communication connection with each of theseapparatuses identified as the suspected infected apparatuses.

More specifically, if the request source apparatus issuing a virus scanrequest (in the present example, MFP 10 a) has established communicationconnection with two MFPs 10 (e.g., MFPs 10 d and 10 f) within thepresumed infection period, these two MFPs 10, namely the MFPs 10 d and10 f, are identified as suspected infected apparatuses. Then, therequest destination apparatuses are forbidden to establish communicationconnection with each of the plurality of MFPs 10 (in the presentexample, two MFPs 10 including the MFPs 10 d and 10 f) identified as thesuspected infected apparatuses.

In this way, a plurality of apparatuses may be identified as suspectedinfected apparatuses, and the request destination apparatuses may beforbidden to establish communication connection with each of theapparatuses identified as the suspected infected apparatuses.

4. Fourth Embodiment

A fourth embodiment is a variation of the third embodiment. Thefollowing description focuses mainly on differences from the thirdembodiment.

According to the above-described third embodiment, the requestdestination apparatuses receiving a virus scan request are forbidden toestablish communication connection with an MFP 10 (e.g., MFP 10 d) thathas established communication connection with the request sourceapparatus issuing a virus scan request (in the present example, MFP 10a) within the presumed infection period. In other words, the requestdestination apparatuses are forbidden to establish communicationconnection with an MFP 10 (e.g., MFP 10 d) that is suspected of beinginfected with a computer virus.

According to the fourth embodiment, the request destination apparatusesreceiving a virus scan request are forbidden to use a function (e.g.,box storage function) that has been used by the request source apparatus(MFP 10 a) issuing a virus scan request within the presumed infectionperiod. In other words, the request destination apparatuses areforbidden to use a function (also referred to as a “suspectedcause-of-infection function”) that is suspected of being a cause ofinfection with the computer virus.

In the present example, if the MFP 10 a has used, for example, the boxstorage function within the presumed infection period (period from whenthe previous antivirus processing has been completed until the computervirus has been detected), the MFP 10 a may become infected with thecomputer virus due to having used the box storage function. If therequest destination apparatuses use such a function (function that has arelatively high possibility of being a cause of infection with thecomputer virus), they may also become infected with a computer virus (inparticular, the same computer virus as the computer virus infecting theMFP 10 a).

In consideration of this fact, according to the fourth embodiment, therequest destination apparatuses receiving a virus scan request areforbidden to use a function that has a relatively high possibility ofbeing a cause of infection with the computer virus (function suspectedof being a cause of infection with the computer virus; also referred toas a “suspected cause-of-infection function”).

More specifically, each MFP 10 has a record of information (usedfunction information) regarding functions used by the MFP 10.

FIG. 13 illustrates used function information for the MFP 10 a. In thepresent example, the used function information records that the MFP 10 ahas used a web browser function on Jul. 5, 2016 at 18:30 and has used abox storage function on Jul. 6, 2016 at 17:00.

The web browser function is a function of the MFP 10 exchanging varioustypes of data through communication with a web server. The box storagefunction is a function of storing various types of data in the MFP 10.In the present example, by using the box storage function, each MFP 10is capable of not only storing data and the like read by itself initself, but also storing data received from other MFPs 10 in itselfthrough communication with the other MFPs 10 different from itself.

Then, the request source apparatus issuing a virus scan request (in thepresent example, MFP 10 a) identifies a function that is used by therequest source apparatus within the presumed infection period (inparticular, function that involves communication connection with otherapparatuses; a suspected cause-of-infection function) on the basis ofthe used function information. In the present example, the requestsource apparatus (MFP 10 a) identifies the box storage function that isused within the presumed infection period (period from Jul. 5, 2016 at19:10 when the previous antivirus processing has been completed to Jul.6, 2016 at 19:05 when the computer virus has been detected) as asuspected cause-of-infection function. In short, the MFP 10 a ispresumed to have become infected with a computer virus due to havingused the box storage function within the period from Jul. 5, 2016 at19:10 to Jul. 6, 2016 at 19:05.

After having identified the suspected cause-of-infection function, therequest source apparatus (MFP 10 a) performs control so as to forbid therequest destination apparatuses (in the present example, MFPs 10 otherthan the MFP 10 a) to use the suspected cause-of-infection function.More specifically, the request source apparatus (MFP 10 a) transmits avirus scan request that includes a use forbidden command to forbid therequest destination apparatuses to use the suspected cause-of-infectionfunction, to the request destination apparatuses (step S15 in FIG. 4).In the present example, the virus infection information is included asthe use forbidden command in the virus scan request. The virus infectioninformation as used herein includes information regarding a functionthat is identified as the suspected cause-of-infection function (in thepresent example, box storage function).

Upon receiving the virus scan request, the request destinationapparatuses (e.g., MFP 10 c) receiving a virus scan request areforbidden to use the suspected cause-of-infection function on the basisof the use forbidden command (virus infection information) included inthe virus scan request. More specifically, the request destinationapparatuses are forbidden to use the function (suspectedcause-of-infection function; in the present example, the box storagefunction) included in the virus infection information. Note that therequest destination apparatuses are not forbidden to use functions otherthan the suspected cause-of-infection function (box storage function),such as a copy function, a scan function, and a web browser function.

Then, the request destination apparatuses perform a virus scan on thebasis of the virus scan request (steps S22 to S25). The content ofprocessing performed in steps S22 to S25 is the same as the content ofprocessing performed in the first embodiment.

In this way, according to the fourth embodiment, the request destinationapparatuses receiving a virus scan request are forbidden to use thefunction (function suspected of being a cause of infection with thecomputer virus) that has been used by the request source apparatusissuing a virus scan request (in the present example, MFP 10 a) withinthe presumed infection period. This avoids a situation where the requestdestination apparatuses will also become infected with computer viruses(in particular, the same computer virus as the computer virus infectingthe request source apparatus) due to having used a function that has arelatively high possibility of being a cause of infection with thecomputer virus. Thus, it is possible to reduce the possibility thatcomputer virus infection will expand in the information processingsystem 1.

While the fourth embodiment describes an example in which the useforbidden command (virus infection information) is included in the virusscan request and transmitted to the request destination apparatuses, thepresent invention is not limited to this example. For example, the useforbidden command (virus infection information) may be transmitted asseparate data different from the virus scan request to the requestdestination apparatuses, instead of being included in the virus scanrequest. In this case, the virus scan request and the use forbiddencommand (virus infection information) may be transmitted at the sametime to the request destination apparatuses, or may be transmitted atdifferent times to the request destination apparatuses.

While the fourth embodiment describes an example in which a singlefunction (e.g., box storage function) is identified as a suspectedcause-of-infection function and the request destination apparatuses areforbidden to use this single function identified as the suspectedcause-of-infection function, the present invention is not limited tothis example.

For example, a plurality of functions may be identified as suspectedcause-of-infection functions, and the request destination apparatusesmay be forbidden to use each of these functions identified as thesuspected cause-of-infection functions.

More specifically, when the request source apparatus issuing a virusscan request (in the present example, MFP 10 a) has used the box storagefunction and the copy function within the presumed infection period,these two functions, namely the box storage function and the copyfunction, are identified as suspected cause-of-infection functions.Then, the request destination apparatuses are forbidden to use each ofthe functions identified as the suspected cause-of-infection functions(in the present example, the two functions, namely the box storagefunction and the copy function).

In this way, a plurality of functions may be identified as suspectedcause-of-infection functions, and the request destination apparatusesmay be forbidden to use each of the functions identified as thesuspected cause-of-infection functions.

As another alternative, the request destination apparatuses may beforbidden to use at least one of the plurality of functions identifiedas suspected cause-of-infection functions.

More specifically, when the request source apparatus issuing a virusscan request (in the present example, MFP 10 a) has used the box storagefunction and the copy function within the presumed infection period, thetwo functions, namely the box storage function and the copy function,are identified as suspected cause-of-infection functions. Then, therequest destination apparatuses are forbidden to use only a functionthat involves communication connection with other apparatuses (in thepresent example, the box storage function) among the plurality offunctions identified as the suspected cause-of-infection functions (inthe present example, two functions including the box storage functionand the copy function). In other words, the request destinationapparatuses are not forbidden to use a function that does not involvecommunication connection with other apparatuses, even if that functionis identified as a suspected cause-of-infection function.

In this way, the request destination apparatuses may be forbidden to useat least one of a plurality of functions identified as suspectedcause-of-infection functions.

5. Fifth Embodiment

A fifth embodiment is a variation of the first embodiment. The followingdescription focuses mainly on differences from the first embodiment.

According to the above-described first embodiment, the requestdestination apparatuses receiving a virus scan request performs (orimmediately performs) a virus scan in response to receipt of a virusscan request.

According to the fifth embodiment, the virus scan request includes timedesignation information that designates a point in time (start time) inwhich the virus scan is started, and the request destination apparatusesreceiving a virus scan request perform a virus scan in response toarrival of the time designated by the time designation information.

During a virus scan, the processing speed of the MFPs 10 performing ajob such as a print job decreases due to increased processing load. As aresult, the operability of the MFPs 10 for users is deteriorated, e.g.,the speed of reaction of the MFPs 10 to user operations is reduced.Thus, if all request destination apparatuses start a virus scan inunison in response to receipt of a virus scan request, the processingload on all request destination apparatuses will increase, andaccordingly the user will feel poor operability when using any of therequest destination apparatuses.

In consideration of this fact, according to the fifth embodiment, therequest source apparatus designates the start time of the virus scan foreach request destination apparatus receiving a virus scan request, andeach request destination apparatus starts a virus scan in response toarrival of the designated start time.

More specifically, the request source apparatus issuing a virus scanrequest (e.g., MFP 10 a) transmits a virus scan request that includesthe time designation information for designating the start time of thevirus scan performed by each request destination apparatus, to therequest destination apparatuses (see step S15 in FIG. 4). Note that theMFP 10 a performs processing other than the processing performed in stepS15 in the same manner as in the first embodiment.

To be more specific, the request source apparatus (MFP 10 a) designatesthe start time of the virus scan for each request destination apparatusin accordance with a predetermined order of priority of a plurality ofMFPs 10.

FIG. 14 illustrates the priority of each MFP 10 (priority as to thevirus scan). In the present example, an MFP 10 that has relatively moreopportunities to establish communication connection with other MFPs 10is set higher in priority than an MFP 10 that has relatively fewopportunities to establish communication connection with other MFPs 10.For example, when the MFP 10 b has a relatively large-capacity storage 5and has relatively more opportunities to receive a request to use thebox storage function from other MFPs 10 (request to store data in thestorage 5 of the MFP 10 b), the MFP 10 b is set higher in priority thanthe other MFPs 10 (MFPs 10 other than the MFP 10 b). On the contrary, anMFP 10 that has relatively few opportunities to establish communicationconnection with other MFPs 10 is set low in priority.

The request source apparatus (MFP 10 a) designates the start time of thevirus scan for each request destination apparatus on the basis of thepriority set for each MFP 10 (priority as to a virus scan).

FIG. 15 illustrates the start time of the virus scan for each requestdestination apparatus. As illustrated in FIG. 15, the start time of thevirus scan for the MFP 10 (in the present example, MFP 10 b) that ishighest in priority is designated such that the MFP 10 b will start avirus scan at the very beginning. The start times of the virus scans forMFPs 10 (in the present example, MFPs 10 c, 10 d, and so on) that arelower in priority than the MFP 10 b are designated such that these MFPs10 start a virus scan after the start time of the virus scan for the MFP10 b. In the present example, a different start time is designated foreach request destination apparatus. The present invention is, however,not limited to this example, and the same start time may be designatedfor some of the request destination apparatuses (e.g., requestdestination apparatuses having the same priority).

Then, the request source apparatus (MFP 10 a) transmits a virus scanrequest that includes the time designation information for designatingthe start time of the virus scan for each request destination apparatus,to the request destination apparatuses (step S15).

Upon receipt of the virus scan request, the request destinationapparatuses receiving a virus scan request automatically perform a virusscan in response to arrival of the time designated by the timedesignation information included in the virus scan request. For example,the MFP 10 b automatically starts a virus scan in response to arrival ofthe start time (Jul. 6, 2016 at 19:10) designated for the MFP 10 b bythe time designation information. Similarly, the other MFPs 10 alsostart a virus scan in response to arrival of the time designated foreach MFP 10 by the time designation information.

In this way, according to the fifth embodiment, the virus scan requestincludes the time designation information for designating the start timeof the virus scan, and the request destination apparatuses receiving avirus scan request performs a virus scan in response to arrival of thetime designated by the time designation information. This configurationprevents all request destination apparatuses to start a virus scan inunison and prevents the processing load on all request destinationapparatuses to increase at the same time. Thus, it is possible toproperly protect the information processing system 1 from computerviruses in consideration of the operability for users.

While the fifth embodiment is described as a variation of the firstembodiment by way of example, the present invention is not limited tothis example, and the idea of the fifth embodiment may be applied toother embodiments.

While the fifth embodiment describes an example in which the start timeof the virus scan for each request destination apparatus is designatedon the basis of the priority of each MFP 10 (priority as to the virusscan), the present invention is not limited to this example. Forexample, the start time of the virus scan for each request destinationapparatus may be designated irrespective of the priority (e.g., inaccordance with the order of registration in the apparatus managementtable 400; see FIG. 7).

6. Sixth Embodiment

A sixth embodiment is a variation of the first embodiment. The followingdescription focuses mainly on differences from the first embodiment.

According to the sixth embodiment, each MFP 10 shares a processingresult of antivirus processing, in addition to performing the operationsdescribed in the above embodiments.

More specifically, after having completed the antivirus processing, eachrequest destination apparatus receiving a virus scan request (e.g., MFP10 c) transmits a processing result of the antivirus processing (reportof completion) to the request source apparatus (e.g., MFP 10 a) and tothe remaining request destination apparatuses (MFPs 10 b, 10 d, and soon).

To be more specific, after having completed a virus scan (step S25 inFIG. 5), the request destination apparatus (MFP 10 c) transmits aprocessing result of the virus scan as a processing result of theantivirus processing to the request source apparatus and the remainingrequest destination apparatuses. The request destination apparatus (MFP10 c) also transmits a security check report indicating that thisapparatus is confirmed to be capable of safe communication connection,as a processing result of the antivirus processing, to the requestsource apparatus and the remaining request destination apparatuses.

For example, if no computer viruses have been detected as a result ofthe virus scan (step S23) performed by the request destination apparatus(MFP 10 c), the MFP 10 c transmits a processing result indicating thatno computer viruses have been detected from the MFP 10 c to the requestsource apparatus and the remaining request destination apparatuses. Ifno computer viruses have been detected from the MFP 10 c, the MFP 10 calso transmits a virus non-existence report indicating that no computerviruses exist in the MFP 10 c (there is no possibility thatcommunication destination apparatuses will become infected with computerviruses due to communication connection with the MFP 10 c) as thesecurity check report to the request source apparatus and the remainingrequest destination apparatuses.

On the other hand, if a computer virus has been detected as a result ofthe virus scan (step S23) performed by the request destination apparatus(MFP 10 c), the MFP 10 c transmits a processing result indicating that acomputer virus has been detected from the MFP 10 c, to the requestsource apparatus and the remaining request destination apparatuses. If acomputer virus has been detected from the MFP 10 c, the MFP 10 c alsotransmits a security check report to the request source apparatus andthe remaining request destination apparatuses, on condition that therendering harmless processing has been performed on the computer virusdetected from the MFP 10 c (step S24). In other words, a virusdisinfection report indicating that there is no possibility thatcommunication destination apparatuses will become infected with computerviruses due to communication connection with the MFP 10 c is transmittedas the security check report to the request source apparatus and theremaining request destination apparatuses.

The request source apparatus issuing a virus scan request (MFP 10 a)also transmits a processing result of the antivirus processing (reportof completion) to each request destination apparatus (in the presentexample, MFPs 10 other than the MFP 10 a) after having completed theantivirus processing.

To be more specific, after having completed a virus scan (step S16 inFIG. 4), the request source apparatus (MFP 10 a) transmits a processingresult of the virus scan as a processing result of the antivirusprocessing to each request destination apparatus. In the presentexample, a computer virus has been detected by the virus scan performedby the MFP 10 a, as described above. Thus, after having completed thevirus scan, the MFP 10 a transmits a processing result indicating that acomputer virus has been detected from the MFP 10 a to each requestdestination apparatus (each MFP 10). The MFP 10 a also transmits asecurity check report indicating that the MFP 10 a is confirmed to becapable of safe communication connection as a processing result of theantivirus processing to each request destination apparatus, on conditionthat the rendering harmless processing has been performed on thecomputer virus detected from the MFP 10 a (step S14). In other words, avirus disinfection report indicating that there is no possibility thatcommunication destination apparatuses will become infected with computerviruses due to communication connection with the MFP 10 a is transmittedas the security check report to each request destination apparatus.

In this way, each MFP 10 transmits the processing result of the virusscan performed by itself and the security check report to the MFPs 10other than itself as a processing result of the antivirus processing.Then, each MFP 10 receives processing results of the antivirusprocessing performed by the MFPs 10 other than itself (processingresults of virus scans and security check reports). That is, each MFP 10shares the processing results of antivirus processing performed by theMFPs 10 other than itself.

Each MFP 10 uses the processing results of antivirus processingperformed by the MFPs 10 other than itself, as follows.

More specifically, each MFP 10 displays the processing results ofantivirus processing performed by the MFPs 10 other than itself(processing results of virus scans and security check reports) on thetouch panel 25 upon receiving the processing results. In other words,each MFP 10 displays processing statuses of antivirus processingperformed by the plurality of MFPs 10 constituting the informationprocessing system 1.

FIG. 16 illustrates an antivirus processing status screen 500(501) thatdisplays the processing statuses of antivirus processing performed bythe plurality of MFPs 10.

For example, a request destination apparatus (e.g., MFP 10 c) displaysreceipt of a virus scan request on the antivirus processing statusscreen 501 upon receiving a virus scan request from the request sourceapparatus (in the present example, MFP 10 a). Then, the MFP 10 cdisplays the processing results of antivirus processing performed byMFPs 10 other than itself (processing results of virus scans andsecurity check reports) on the antivirus processing status screen 501upon receiving these processing results.

For example, the MFP 10 c displays the processing result of antivirusprocessing performed by the MFP 10 d on the antivirus processing statusscreen 501 upon receiving this processing result. More specifically, theprocessing result of the virus scan performed by the MFP 10 d (in thepresent example, processing result indicating that a computer virus hasbeen detected from the MFP 10 d) is displayed on the antivirusprocessing status screen 501. In addition, a message that is based onthe security check report received from the MFP 10 d is also displayedon the antivirus processing status screen 501. To be more specific, amessage based on the security check report from the MFP 10 d andindicating that the MFP 10 d is confirmed to be capable of safecommunication connection (i.e., rendering harmless processing has beenperformed on the computer virus detected from the MFP 10 d) is displayedon the antivirus processing status screen 501.

Note that the processing result of antivirus processing is not receivedfrom an MFP 10 that has not yet completed the antivirus processing, andthe antivirus processing status screen 501 (see FIG. 16) displays thatsuch an MFP 10 (in the present example, MFP 10 b) is currentlyperforming the antivirus processing (virus scan).

In this way, each MFP 10 displays the processing status (processingresult) of antivirus processing performed by each MFP 10.

This enables a manager of each MFP 10 (e.g., an administrator of theinformation processing system 1) to grasp information regarding theother MFPs 10 such as computer virus infection conditions and progressstatuses of antivirus processing (virus scans).

While the sixth embodiment is described as a variation of the firstembodiment by way of example, the present invention is not limited tothis example, and the idea of the sixth embodiment may be applied toother embodiments.

While the sixth embodiment describes an example in which each MFP 10transmits and receives both of the processing result of a virus scan andthe security check report as the processing result of antivirusprocessing, the present invention is not limited to this example. Forexample, each MFP 10 may transmit and receive either the processingresult of a virus scan or the security check report as the processingresult of antivirus processing.

More specifically, each MFP 10 may transmit and receive only thesecurity check report as the processing result of antivirus processing.Then, upon receiving a security check report, each MFP 10 may display amessage saying that the MFP 10 from which the security check report hasbeen transmitted is confirmed to be capable of safe communicationconnection and a message saying that the virus scan is completed, on theantivirus processing status screen 500.

Alternatively, each MFP 10 may transmit and receive only the processingresult of a virus scan as the processing result of antivirus processing.Then, upon receiving the processing result of a virus scan, each MFP 10may display whether a computer virus has been detected from the MFP 10from which the processing result has been transmitted, on the antivirusprocessing status screen 500.

While the sixth embodiment describes an example in which the securitycheck report is used to display the processing result of antivirusprocessing performed by each MFP 10, the present invention is notlimited to this example, and the security check report may be used inthe following instance.

For example, when a request destination apparatus has received an accessrequest from an apparatus other than itself during execution of a virusscan, the security check report may be used to introduce informationregarding an alternate apparatus that serves as a substrate for therequest destination apparatus to the transmission source apparatus thathas issued the access request.

More specifically, a request destination apparatus (e.g., MFP 10 c)receives the processing result of a virus scan and a security checkreport (report indicating that an MFP 10 is confirmed to be capable ofsafe communication connection) from an MFP 10 that has completedantivirus processing. Then, if the request destination apparatus (MFP 10c) has received an access request from an apparatus (e.g., MFP 10 e)other than itself among the plurality of MFPs 10 while having not yetcompleted its virus scan, the MFP 10 c identifies an alternate apparatusserving as a substrate for itself. To be specific, the requestdestination apparatus (MFP 10 c) identifies an alternate apparatus thatserves as a substrate for the MFP 10 c to establish communicationconnection with the transmission source apparatus (MFP 10 e) havingissued the access request, on the basis of the security check reportreceived from the other MFPs 10. To be more specific, an MFP 10 (e.g.,MFP 10 b) that has already completed antivirus processing and that isconfirmed to be capable of safe communication connection, among theplurality of MFPs 10, is identified as an alternate apparatus serving asa substrate for the request destination apparatus (MFP 10 c) on thebasis of the security check report received from the MFP 10 b.

Then, the request destination apparatus (MFP 10 c) transmits information(alternate apparatus information) regarding the identified alternateapparatus (in the present example, MFP 10 b) to the transmission sourceapparatus (MFP 10 e) that has issued the access request. In other words,the apparatus (in the present example, MFP 10 c) that has not yet beenconfirmed to be capable of safe communication connection introduces anMFP 10 (in the present example, MFP 10 b) that is confirmed to becapable of safe communication connection, as an alternate apparatusserving as a substitute for itself to the transmission source apparatus(in the present example, MFP 10 e) that has issued the access request.Then, the request destination apparatus (MFP 10 c) disconnects thecommunication with the transmission source apparatus (MFP 10 e) afterhaving transmitted the alternate apparatus information to thetransmission source apparatus (MFP 10 e) that has issued the accessrequest.

The transmission source apparatus (MFP 10 e) that has issued the accessrequest establishes communication connection with the alternateapparatus (MFP 10 b) on the basis of the alternate apparatus informationreceived from the MFP 10 c, and transmits an access request to the MFP10 b.

FIG. 21 illustrates an introduction screen 700 for introducing analternate apparatus. The introduction screen 700 is displayed on thetouch panel 25 of the transmission source apparatus having issued anaccess request (in the present example, MFP 10 e). The introductionscreen 700 displays a message that prompts the user to establishcommunication connection with an alternate apparatus (new transmissiondestination apparatus that receives an access request; MFP 10 b),instead of the MFP 10 c (original transmission destination apparatusthat receives an access request), as illustrated in FIG. 21.

For example, when the user wants to establish communication connectionwith the introduced alternate apparatus (MFP 10 b), the user presses anOK button 701 on the introduction screen 700. When the OK button 701 ispressed, the transmission source apparatus (MFP 10 e) determines thealternate apparatus (MFP 10 b) as a new transmission destinationapparatus that receives the access request, and transmits the accessrequest to the MFP 10 b. If a “CANCEL” button 702 is pressed on theintroduction screen 700, for example, the MFP 10 e displays a selectionscreen (not shown) for re-selecting a transmission destination apparatusthat receives the access request, and the user re-selects a desiredtransmission destination apparatus.

In this way, the request destination apparatuses may use the securitycheck reports received from the other MFPs 10 to introduce an MFP 10that has completed a virus scan to the transmission source apparatusthat has issued the access request.

Alternatively, in the above-described third embodiment, the securitycheck reports from the other MFPs 10 may be used to again enablecommunication connection that the request destination apparatus isforbidden to establish (i.e., communication connection with a suspectedinfected apparatus).

More specifically, if a request destination apparatus (e.g., MFP 10 c)is forbidden to establish communication connection with a suspectedinfected apparatus (e.g., MFP 10 d) and thereafter the MFP 10 d hascompleted antivirus processing and is confirmed to be capable of safecommunication connection, communication connection between the MFP 10 cand the MFP 10 d may be enabled.

To be more specific, after having completed antivirus processing, thesuspected infected apparatus (in the present example, MFP 10 d)transmits not only the processing result of a virus scan performed byitself but also the security check report to the MFPs 10 other than theMFP 10 d (in the present example, MFPs 10 a, 10 b, 10 c, 10 e, and soon). In response to receipt of the security check report from thesuspected infected apparatus (MFP 10 d), a request destination apparatus(MFP 10 c) displays a PERMIT button 510 for permitting communicationconnection with the MFP 10 d on an antivirus processing status screen502 (FIG. 17). If the user (e.g., manager) has pressed the PERMIT button510, communication connection between the MFPs 10 c and 10 d ispermitted again.

In the present example, when a request destination apparatus (e.g., MFP10 c) has accepted the press of the PERMIT button 510, only the MFP 10 cis permitted to establish communication connection with the suspectedinfected apparatus (in the present example, MFP 10 d). The presentinvention is, however, not limited to this example. For example, whenthe request destination apparatus (MFP 10 c) has accepted the press ofthe PERMIT button 510, not only the MFP 10 c but also the other MFPs 10(e.g., the request source apparatus and the request destinationapparatuses other than the MFP 10 c) may also be permitted to establishcommunication connection with the suspected infected apparatus (MFP 10d).

While in the present example, a request destination apparatus (MFP 10 c)is permitted to establish communication connection with the suspectedinfected apparatus (MFP 10 d) in response to pressing of the PERMITbutton 510 by the user, the present invention is not limited to thisexample. For example, the request destination apparatus (MFP 10 c) maybe automatically permitted to establish communication connection withthe suspected infected apparatus (MFP 10 d) in response to receipt of areport of completion from the suspected infected apparatus (MFP 10 d).

7. Variations

While the above has been a description of embodiments of the presentinvention, the present invention is not intended to be limited to theexamples described above.

Variation on Forbidden Communication Connection with Suspected InfectedApparatus (Third Embodiment)

While the above third embodiment and other embodiments describe anexample in which the request destination apparatuses receiving a virusscan request are unconditionally forbidden to establish communicationconnection with a suspected infected apparatus, the present invention isnot limited to this example, and the request destination apparatuses maybe forbidden to establish communication connection with a suspectedinfected apparatus if a predetermined condition is satisfied.

More specifically, the request destination apparatuses may perform avirus scan of an access request itself (data constituting the accessrequest) received from the suspected infected apparatus, and may beforbidden to establish communication connection with the suspectedinfected apparatus if a computer virus has been detected from the accessrequest itself.

FIG. 11 is a flowchart of operations performed by a request destinationapparatus (request destination apparatus receiving a virus scan request)when having received an access request from another MFP 10 duringexecution of a virus scan. The flowchart in FIG. 11 is performed as aseparate procedure different from the flowchart in FIG. 5 (flowchart ofoperations performed by the request destination apparatus when havingreceived a virus scan request).

In step S41, a request destination apparatus (e.g., MFP 10 c) determineswhether it has received an access request from another MFP 10 other thanitself during execution of its virus scan. If the MFP 10 c has receivedan access request from the other MFP 10 during execution of its virusscan, the procedure proceeds from step S41 to step S42. For example, ifthe MFP 10 c has received a request to use the box storage function(request to store data in the storage 5 of the MFP 10 c) from anotherMFP 10 during execution of its virus scan, the procedure proceeds tostep S42.

In step S42, the request destination apparatus (MFP 10 c) determines, onthe basis of the virus infection information included in the virus scanrequest, whether the transmission source apparatus that has issued theaccess request is a suspected infected apparatus (MFP 10 included in thevirus infection information; e.g., MFP 10 d).

For example, if it is determined in step S42 that the transmissionsource apparatus having issued the access request is not a suspectedinfected apparatus (MFP 10 d), the flowchart in FIG. 11 ends, and therequest destination apparatus (MFP 10 c) is not forbidden to establishcommunication connection with the transmission source apparatus. Then,to-be-stored data received from the transmission source apparatus isstored in the storage 5 of the MFP 10 c on the basis of the request touse the box storage function from the transmission source apparatus.

On the other hand, if it is determined in step S42 that the transmissionsource apparatus having issued the access request is a suspectedinfected apparatus (MFP 10 d), the procedure proceeds to step S43, inwhich the request destination apparatus (MFP 10 c) performs a virus scanof the data constituting the access request received from thetransmission source apparatus (suspected infected apparatus; in thepresent example, MFP 10 d).

Then, it is determined in step S44 whether a computer virus has beendetected by the virus scan of the data constituting the access request.

For example, if no computer viruses have been detected from the dataconstituting the access request, the flowchart in FIG. 11 ends, and therequest destination apparatus (in the present example, MFP 10 c) is notforbidden to establish communication connection with the transmissionsource apparatus having issued the access request (suspected infectedapparatus; MFP 10 d). Then, the to-be-stored data received from the MFP10 d is stored in the storage 5 of the MFP 10 c on the basis of therequest to use the box storage function from the transmission sourceapparatus having issued the access request (MFP 10 d).

On the other hand, if a computer virus has been detected from the dataconstituting the access request, the procedure proceeds to steps S45 toS47, and the request destination apparatus (MFP 10 c) is forbidden toestablish communication connection with the suspected infected apparatus(MFP 10 d). More specifically, the request destination apparatus (MFP 10c) performs rendering harmless processing (e.g., processing forcombating the computer virus) on the computer virus detected from thedata constituting the access request (step S45). Then, the requestdestination apparatus (MFP 10 c) disconnects the communication with thetransmission source apparatus having issued the access request(suspected infected apparatus; in the present example, MFP 10 d) (stepS46), and the MFP 10 c is forbidden to establish communicationconnection with the MFP 10 d (step S47).

In this way, the request destination apparatus may perform a virus scanof the data constituting an access request received from a suspectedinfected apparatus, and may be forbidden to establish communicationconnection with the suspected infected apparatus if a computer virus hasbeen detected from the access request itself.

As another alternative, the request destination apparatus may beforbidden to establish communication connection with a suspectedinfected apparatus if the access request from the suspected infectedapparatus is a request to use a suspected cause-of-infection function.

More specifically, the request source apparatus issuing a virus scanrequest transmits a virus scan request that includes the connectionforbidding command (virus infection information) to the other MFPs 10(request destination apparatuses) as in the third embodiment (step S15).Note that the virus infection information includes information regardinga suspected infected apparatus (e.g., MFP 10 d) and informationregarding a suspected cause-of-infection function (e.g., box storagefunction; see the fourth embodiment).

Then, each request destination apparatus performs the followingoperations.

FIG. 12 is a flowchart of operations performed by each requestdestination apparatus (request destination apparatus receiving a virusscan request) when having received an access request from another MFP 10during execution of its virus scan. The flowchart in FIG. 12 isperformed as a separate procedure different from the flowchart in FIG. 5(flowchart of operations performed by the request destination apparatuswhen having received a virus scan request).

More specifically, when having received an access request from anapparatus other than itself during execution of a virus scan based onthe virus scan request (step S51), the request destination apparatus(e.g., MFP 10 c) determines, on the basis of the virus infectioninformation included in the virus scan request, whether the transmissionsource apparatus that has issued the access request is a suspectedinfected apparatus (step S52).

For example, if it is determined in step S52 that the transmissionsource apparatus having issued the access request is not a suspectedinfected apparatus (e.g., MFP 10 d), the flowchart in FIG. 12 ends, andthe request destination apparatus (in the present example, MFP 10 c) isnot forbidden to establish communication connection with thetransmission source apparatus.

On the other hand, if it is determined in step S52 that the transmissionsource apparatus having issued the access request is a suspectedinfected apparatus (MFP 10 d), the procedure proceeds to step S53, inwhich it is determined whether the access request received from thesuspected infected apparatus (MFP 10 d) is a request to use a suspectedcause-of-infection function included in the virus infection information.

For example, if the access request from the suspected infected apparatusis a request to use the print function, it is determined in step S53that the access request is not a request to use the suspectedcause-of-infection function (in the present example, box storagefunction), and the flowchart in FIG. 12 ends. That is, the requestdestination apparatus (MFP 10 c) is not forbidden to establishcommunication connection with the transmission source apparatus(suspected infected apparatus; in the present example, MFP 10 d). Inother words, even if an access request has been received from thesuspected infected apparatus, the request destination apparatus is notforbidden to establish communication connection with the suspectedinfected apparatus if the access request is not a request to use thesuspected cause-of-infection function.

On the other hand, if the access request from the suspected infectedapparatus (MFP 10 d) is a request to use the suspectedcause-of-infection function (box storage function), the procedureproceeds to step S54, and the access request is rejected. Then, therequest destination apparatus (MFP 10 c) is forbidden to establishcommunication connection with the suspected infected apparatus (MFP 10d) (step S55).

In this way, the request destination apparatus may be forbidden toestablish communication connection with the suspected infected apparatusif the access request from the suspected infected apparatus is a requestto use the suspected cause-of-infection function.

Variation on Disabling Network Function

In addition to the operations described in the above embodiments, thenetwork function of the request source apparatus issuing a virus scanrequest (e.g., MFP 10 a) may be disabled after the request sourceapparatus has transmitted a virus scan request to the requestdestination apparatuses (step S15 in FIG. 4). Then, the MFP 10 a mayenable its network function again after the request source apparatus(MFP 10 a) has completed antivirus processing and is confirmed to becapable of safe communication connection (step S16).

In this case, the network function of the MFP 10 a is disabled until itis ensured that the MFP 10 (in the present example, MFP 10 a) from whichthe computer virus is detected is capable of safe communicationconnection. This configuration further reduces the possibility thatcomputer virus infection will expand.

In addition to the operations described in the above embodiments, thenetwork function of a request destination apparatus may be disabled if acomputer virus has been detected by a virus scan performed by therequest destination apparatus.

More specifically, a request destination apparatus (e.g., MFP 10 c) maydisable its network function if a computer virus has been detected as aresult of the virus scan performed on the basis of the virus scanrequest (step S22 in, for example, FIG. 5). Then, the requestdestination apparatus (MFP 10 c) may enable its network function againafter the MFP 10 c has completed the antivirus processing and isconfirmed to be capable of safe communication connection (step S25).

In this case, if a request destination apparatus is infected with acomputer virus, the request destination apparatus disables its networkfunction until it is ensured that the request destination apparatuses iscapable of safe communication connection. This configuration furtherreduces the possibility that computer virus infection will expand.

Variation on Manual Execution of Virus Scan by Request DestinationApparatus

While the above embodiments describe an example in which the requestdestination apparatuses automatically perform a virus scan, the presentinvention is not limited to this example, and the request destinationapparatuses may perform a virus scan in response to a user instructionto start a virus scan.

More specifically, upon receiving a virus scan request from the requestsource apparatus, each request destination apparatus notifies the user(e.g., manager) of an execution request that a virus scan be performedby the request destination apparatus. To be more specific, a scanexecution request screen 600 (see FIG. 18) for requesting the user toperform a virus scan is displayed on the touch panels 25 of the requestdestination apparatus. The scan execution request screen 600 displays amessage saying that a computer virus has been detected from an MFP 10(in the present example, MFP 10 a) in the information processing system1 and a message saying that the request destination apparatus needs toperform a virus scan. The scan execution request screen 600 alsodisplays an execution start button 601 for instructing the start of avirus scan.

The user (e.g., manager) performs, for example, settings relating to avirus scan (e.g., settings such as increasing the number of directoriesto be scanned) and thereafter presses the execution start button 601 togive an instruction to start a virus scan. When the user has given aninstruction to start a virus scan in response to the execution request,the request destination apparatus performs a virus scan.

In this way, the request destination apparatuses may perform a virusscan in response to the user issuing an instruction to start a virusscan.

Variations on Transmission Destination Receiving Virus Scan Request

While the above embodiments describe an example in which the requestsource apparatus issuing a virus scan request (e.g., MFP 10 a) transmitsa virus scan request to each of a plurality of MFPs 10 (e.g., 10 b, 10c, 10 d, and so on) (step S15 in FIG. 4), the present invention is notlimited to this example.

For example, the request source apparatus (e.g., MFP 10 a) may transmita virus scan request to only a specific MFP 10 (e.g., MFP 10 e) amongthe plurality of MFPs 10 as illustrated in FIG. 19. Then, the specificMFP 10 (MFP 10 e) may transmit (transfer) the virus scan requestreceived from the MFP 10 a to the remaining MFPs 10 excluding therequest source apparatus (MFP 10 a) and itself (MFP 10 e).

More specifically, when a computer virus has been detected from an MFP10 (e.g., MFP 10 a) (step S12 in FIG. 4), the MFP 10 a transmits a virusscan request to a specific MFP 10 (e.g., MFP 10 e) after steps S13 andS14 (step S15). For example, when the information processing system 1 isan ubiquitous system that includes no server devices, the MFP 10 atransmits a virus scan request to an MFP 10 (e.g., MFP 10 e) thatfunctions as a server device.

Then, upon receiving the virus scan request from the request sourceapparatus (MFP 10 a), the MFP 10 e performs a virus scan and transfersthe virus scan request to the other MFPs 10 (10 b, 10 c, 10 d, 10 f, andso on). In other words, the MFP 10 e not only operates as a requestdestination apparatus receiving a virus scan request and performs avirus scan, but also transfers the virus scan request to the other MFPs10 (10 b, 10 c, 10 d, 10 f, and so on). Thereafter, the MFPs 10 such asMFPs 10 b, 10 c, 10 d, and 10 f that have received the virus scanrequest perform a virus scan on the basis of the virus scan request.

In this way, the request source apparatus issuing a virus scan requestmay transmit a virus scan request to only a specific MFP 10.

As another alternative, the request source apparatus issuing a virusscan request (MFP 10 a) may transmit a virus scan request to only aserver device 80 (step S15) as illustrated in FIG. 20. Then, the serverdevice 80 may transmit (transfer) the virus scan request received fromthe request source apparatus (MFP 10 a) to the remaining MFPs 10excluding the request source apparatus (MFP 10 a) among the plurality ofMFPs 10.

More specifically, if a computer virus has been detected from the MFP 10a (step S12), the MFP 10 a transmits a virus scan request to the serverdevice 80 after steps S13 and S14 (step S15).

Upon receiving the virus scan request from the request source apparatus(MFP 10 a), the server device 80 performs a virus scan and transfers thevirus scan request to the MFPs 10 (10 b, 10 c, 10 d, and so on) otherthan the MFP 10 a. In other words, the server device 80 not onlyoperates as a request destination apparatus receiving the virus scanrequest and performs a virus scan, but also transfers the virus scanrequest to the MFPs 10 (10 b, 10 c, 10 d, and so on) other than therequest source apparatus. Thereafter, the MFPs such as MFPs 10 b, 10 c,and 10 d that have received the virus scan request perform a virus scanon the basis of the virus scan request.

In this way, the request source apparatus issuing a virus scan request(in the present example, MFP 10 a) may transmit a virus scan request toonly a specific apparatus (i.e., the specific MFP 10 or the serverdevice 80).

While in the present example, the virus scan request is transmitted andreceived via a specific apparatus (e.g., the specific MFP 10 or theserver device 80), the present invention is not limited to this example.For example, in the sixth embodiment, the processing result of antivirusprocessing may be transmitted or received via the specific apparatus.

Other Variations

While the above embodiments describe an example in which the informationprocessing system 1 is configured by only MFPs 10 (or by MFPs 10 and theserver device 80), the present invention is not limited to this example,and the information processing system 1 may also include personalcomputers as its constituent elements. Alternatively, the informationprocessing system 1 may be configured by only personal computers.

Although embodiments of the present invention have been described andillustrated in detail, it is clearly understood that the same is by wayof illustration and example only and not limitation, the scope of thepresent invention should be interpreted by terms of the appended claims.

What is claimed is:
 1. An information processing system comprising: aplurality of information processing apparatuses, one informationprocessing apparatus among the plurality of information processingapparatuses including: a first hardware processor; and a firsttransmitter, wherein the first hardware processor causes the oneinformation processing apparatus to perform virus detection processingfor detecting a computer virus, and if a computer virus is detected fromthe one information processing apparatus by the virus detectionprocessing, the first hardware processor causes the first transmitter totransmit an execution request to perform the virus detection processingto another information processing apparatus different from the oneinformation processing apparatus among the plurality of informationprocessing apparatuses.
 2. The information processing system accordingto claim 1, wherein one request destination apparatus that is one of theplurality of information processing apparatuses and that receives theexecution request includes: a receiver that receives the executionrequest; and a second hardware processor that causes the one requestdestination apparatus to automatically perform the virus detectionprocessing on the basis of the execution request.
 3. The informationprocessing system according to claim 2, wherein the second hardwareprocessor causes the one request destination apparatus to automaticallyperform the virus detection processing in response to receipt of theexecution request.
 4. The information processing system according toclaim 2, wherein the execution request includes time designationinformation that designates a start time of the virus detectionprocessing performed by the one request destination apparatus, and thesecond hardware processor causes the one request destination apparatusto automatically perform the virus detection processing in response toarrival of the time designated by the time designation information afterreceipt of the execution request.
 5. The information processing systemaccording to claim 4, wherein the time designation informationdesignates the start time of the virus detection processing performed bythe one request destination apparatus in accordance with a predeterminedorder of priority of the plurality of information processingapparatuses.
 6. The information processing system according to claim 1,wherein one request destination apparatus that is one of the pluralityof information processing apparatuses and that receives the executionrequest includes: a receiver that receives the execution request; and asecond hardware processor that, when the execution request is received,notifies a user of an execution commission to cause the one requestdestination apparatus to perform the virus detection processing, andcauses the one request destination apparatus to perform the virusdetection processing in response to the user giving an instruction tostart the virus detection processing in accordance with the executioncommission.
 7. The information processing system according to claim 2,wherein the second hardware processor performs the virus detectionprocessing on data constituting the execution request when the executionrequest is received.
 8. The information processing system according toclaim 2, wherein the execution request includes virus infectioninformation, the virus infection information includes informationregarding a suspected infected apparatus that has establishedcommunication connection with the one information processing apparatuswithin a presumed infection period and that is suspected of beinginfected with the computer virus, the presumed infection period being aperiod during which the one information processing apparatus is presumedto have become infected with the computer virus, the presumed infectionperiod is a period from when the one information processing apparatushas been confirmed to be capable of safe communication connection byprevious virus detection processing performed by the one informationprocessing apparatus until the computer virus has been detected from theone information processing apparatus, and the second hardware processorforbids the one request destination apparatus to establish communicationconnection with the suspected infected apparatus on the basis of thevirus infection information.
 9. The information processing systemaccording to claim 8, wherein when an access request is received fromthe suspected infected apparatus, the second hardware processor performsthe virus detection processing on data constituting the access request,and when a computer virus has been detected from the data constitutingthe access request, the second hardware processor disconnectscommunication connection between the one request destination apparatusand the suspected infected apparatus and forbids the one requestdestination apparatus to establish communication connection with thesuspected infected apparatus.
 10. The information processing systemaccording to claim 8, wherein the virus infection information furtherincludes information regarding a suspected cause-of-infection functionthat has been used by the one information processing apparatus withinthe presumed infection period and that is suspected of being a cause ofinfection with the computer virus, and when a use request to use thesuspected cause-of-infection function is received from the suspectedinfected apparatus, the second hardware processor rejects the userequest and forbids the one request destination apparatus to establishcommunication connection with the suspected infected apparatus.
 11. Theinformation processing system according to claim 2, wherein theexecution request includes virus infection information, the virusinfection information includes information regarding a suspectedcause-of-infection function that has been used by the one informationprocessing apparatus within a presumed infection period and that issuspected of being a cause of infection with the computer virus, thepresumed infection period being a period during which the oneinformation processing apparatus is presumed to have become infectedwith the computer virus, the presumed infection period is a period fromwhen the one information processing apparatus has been confirmed to becapable of safe communication connection by previous virus detectionprocessing performed by the one information processing apparatus untilthe computer virus has been detected from the one information processingapparatus, and the second hardware processor forbids the one requestdestination apparatus to use the suspected cause-of-infection functionon the basis of the virus infection information.
 12. The informationprocessing system according to claim 2, wherein the one requestdestination apparatus is one of a plurality of request destinationapparatuses that receive the execution request, the one requestdestination apparatus further includes a second transmitter, and when nocomputer viruses have been detected by the virus detection processingperformed by the one request destination apparatus, the second hardwareprocessor of the one request destination apparatus causes the secondtransmitter to transmit a security check report to remaining requestdestination apparatuses of the plurality of request destinationapparatuses excluding the one request destination apparatus, thesecurity check report being a report indicating that the one requestdestination apparatus is confirmed to be capable of safe communicationconnection.
 13. The information processing system according to claim 2,wherein the one request destination apparatus is one of a plurality ofrequest destination apparatuses that receive the execution request, theone request destination apparatus further includes a second transmitter,when a computer virus has been detected by the virus detectionprocessing performed by the one request destination apparatus, thesecond hardware processor of the one request destination apparatusperforms rendering harmless processing for rendering harmless thecomputer virus that has been detected, and when a computer virus hasbeen detected by the virus detection processing performed by the onerequest destination apparatus, the second hardware processor causes thesecond transmitter to transmit a security check report to remainingrequest destination apparatuses of the plurality of request destinationapparatuses excluding the one request destination apparatus, oncondition that the rendering harmless processing has been performed onthe computer virus that has been detected, the security check reportbeing a report indicating that the one request destination apparatus isconfirmed to be capable of safe communication connection.
 14. Theinformation processing system according to claim 2, wherein when thecomputer virus has been detected by the virus detection processingperformed by the one information processing apparatus, the firsthardware processor of the one information processing apparatus performsrendering harmless processing for rendering harmless the computer virusthat has been detected; and when the computer virus has been detected bythe virus detection processing performed by the one informationprocessing apparatus, the first hardware processor causes the firsttransmitter to transmit a security check report to the one requestdestination apparatus, on condition that the rendering harmlessprocessing has been performed on the computer virus that has beendetected, the security check report being a report indicating that theone information processing apparatus is confirmed to be capable of safecommunication connection.
 15. The information processing systemaccording to claim 12, wherein the second hardware processor of the onerequest destination apparatus causes the receiver of the one requestdestination apparatus to receive the security check report from at leastone apparatus of the plurality of information processing apparatusesother than the one request destination apparatus, and the secondhardware processor causes a display of the one request destinationapparatus to display a display content that is based on the securitycheck report received from the at least one apparatus.
 16. Theinformation processing system according to claim 12, wherein the secondhardware processor of the one request destination apparatus causes thereceiver of the one request destination apparatus to receive thesecurity check report from at least one apparatus of the plurality ofinformation processing apparatuses other than the one requestdestination apparatus, when an access request is received from anotherinformation processing apparatus different from the one requestdestination apparatus while the one request destination apparatus hasnot yet completed the virus detection processing, the second hardwareprocessor identifies an alternate information processing apparatus fromamong the plurality of information processing apparatuses on the basisof the security check report, the alternate information processingapparatus being an information processing apparatus that is confirmed tobe capable of safe communication connection and that serves as asubstrate for the one request destination apparatus to establishcommunication connection with a transmission source apparatus that hasissued the access request, and the second hardware processor causes thesecond transmitter of the one request destination apparatus to transmitinformation regarding the alternate information processing apparatusthat has been identified and information regarding the transmissionsource apparatus that has issued the access request.
 17. The informationprocessing system according to claim 2, wherein the second hardwareprocessor of the one request destination apparatus causes the receiverto receive a processing result from at least one apparatus of theplurality of information processing apparatuses other than the onerequest destination apparatus, the processing result being a processingresult of the virus detection processing performed by the at least oneapparatus, and the second hardware processor causes a display of the onerequest destination apparatus to display the processing result receivedfrom the at least one apparatus.
 18. The information processing systemaccording to claim 2, wherein when a computer virus has been detected bythe virus detection processing performed on the basis of the executionrequest by the one request destination apparatus, the second hardwareprocessor disables a network communication function of the one requestdestination apparatus, and the second hardware processor enables thenetwork communication function of the one request destination apparatusagain after the one request destination apparatus has completed thevirus detection processing and is confirmed to be capable of safecommunication connection.
 19. The information processing systemaccording to claim 1, wherein the first hardware processor disables anetwork communication function of the one information processingapparatus after transmission of the execution request, and the firsthardware processor enables the network communication function of the oneinformation processing apparatus again after the one informationprocessing apparatus has completed the virus detection processing and isconfirmed to be capable of safe communication connection.
 20. Theinformation processing system according to claim 1, wherein theplurality of information processing apparatuses include a plurality ofimage processing apparatuses, and when the computer virus has beendetected from the one information processing apparatus, the firsthardware processor causes the first transmitter to transmit theexecution request to each of the plurality of image processingapparatuses.
 21. The information processing system according to claim 1,wherein the plurality of information processing apparatuses are aplurality of image processing apparatuses, the one informationprocessing apparatus is one image processing apparatus among theplurality of image processing apparatuses, when the computer virus hasbeen detected from the one image processing apparatus, the firsthardware processor causes the first transmitter to transmit theexecution request to a specific image processing apparatus among theplurality of image processing apparatuses, and when having received theexecution request from the one image processing apparatus, the specificimage processing apparatus transfers the execution request to remainingimage processing apparatuses of the plurality of image processingapparatuses, excluding the one image processing apparatus and thespecific image processing apparatus.
 22. The information processingsystem according to claim 1, wherein the plurality of informationprocessing apparatuses includes a server device, when the computer virushas been detected from the one information processing apparatus, thefirst hardware processor causes the first transmitter to transmit theexecution request to the server device, and when having received theexecution request from the one information processing apparatus, theserver device transfers the execution request to remaining informationprocessing apparatuses of the plurality of information processingapparatuses, excluding the one information processing apparatus and theserver device.
 23. An information processing apparatus that is oneconsistent element of an information processing system configured by aplurality of information processing apparatuses, the informationprocessing apparatus comprising: a hardware processor; and atransmitter, wherein the hardware processor causes the informationprocessing apparatus to perform virus detection processing for detectinga computer virus, and when a computer virus has been detected from theinformation processing apparatus by the virus detection processing, thehardware processor causes the transmitter to transmit an executionrequest to perform the virus detection processing to another informationprocessing apparatus different from the information processing apparatusamong the plurality of information processing apparatuses.
 24. Anon-transitory computer-readable recording medium that records a programfor causing a computer built into an information processing apparatusthat is one constituent element of an information processing systemconfigured by a plurality of information processing apparatuses toperform: a) causing the information processing apparatus to performvirus detection processing for detecting a computer virus; and b) when acomputer virus has been detected from the information processingapparatus by the virus detection processing, transmitting an executionrequest to perform the virus detection processing to another informationprocessing apparatus different from the information processing apparatusamong the plurality of information processing apparatuses.
 25. Therecording medium according to claim 24, wherein the execution requestincludes virus infection information, the virus infection informationincludes information regarding a suspected infected apparatus that hasestablished communication connection with the information processingapparatus within a presumed infection period and that is suspected ofbeing infected with the computer virus, the presumed infection periodbeing a period during which the information processing apparatus ispresumed to have become infected with the computer virus, the presumedinfection period is a period from when the information processingapparatus has been confirmed to be capable of safe communicationconnection by previous virus detection processing performed by theinformation processing apparatus until the computer virus has beendetected from the information processing apparatus, and in the operationb), control is performed to forbid a request destination apparatus toestablish communication connection with the suspected infectedapparatus, the request destination apparatus being an apparatus that isone of the plurality of information processing apparatuses and thatreceives the execution request.
 26. The recording medium according toclaim 24, wherein the information processing apparatus is an imageprocessing apparatus.
 27. The recording medium according to claim 26,wherein the plurality of information processing apparatuses are aplurality of image processing apparatuses.